GIGANTIC flaw discovered in PBEM - exploitation makes the whole game meaningless

Blkbird

Blkbird

King
Joined
Oct 29, 2005
Messages
860
Dear fellow PBEM players,

Just now, an unbelievably huge flaw in Civ4's PBEM game has been coincidentially discovered by me. :wow: The advantage one can gain by exploiting it is so shocking that I'm reluctant to publish the details at this time, even though I'm usually an advoate of "full disclosure".

I'm naming this flaw the Infinite (Something) Bug, because it gives a player unlimited "something". What this "something" is, I won't say here (but of course I know it) - it will eventually be revealed sooner or later. And needless to say, this something is very much limited when the game is played in a normal way. In fact, the infinity of it renders the whole game meaningless.

I'd like to point out that I haven't, in any way, "hacked" the game. I discoved this flaw completely by chance during actual gameplay. No monitoring, tracing, disassembling, debuging or other kinds of analysis software (or hardware) was used, not even a hexeditor or the Windows Notepad for that matter. Only the game itself was necessary to find the flaw. In other words, every "computer idot" could make this discovery just like I did. I'd even say that chance if high this flaw has already been found by others, as it really is easy to run into.

I'm now waiting for people associated with the game's maker to contact me via forum PM. I assure my intensions are good, I'm not going to blackmail anyone in any way. :) I'm not even hunting for fame, as I absolutely wish to remain anonymous.

But please, do not spam me if you're not working for the game's maker (and no, journalists etc. don't count). If you do try, I garantee your message will be ignored.

In case anyone thinks this is a hoax, or a misunderstanding on my side, I'm willing to deliver proof, but only to an admin of the Civilization Fnatics' Forum. Sorry, admins of other Civ related sites and forums, please refraim, as I'm but one man who doesn't want to deal with a whole army of you.
 
Guess what: no one cares if you discovered another infinite gold cheat.
 
Can't you just cheat in PBEM anyways by opening the game in Worldbuilder or just a hex editor to look at the map tile?
 
Blkbird said:
In fact, the infinity of it renders the whole game meaningless.
Click to expand...

No, bugs only make the game meaningless if the players use them. You can just agree not to take advantage of any bugs, and then the game becomes completely "meaningful".

And I don't doubt you, but, it would be a lot better to just post bugs that you discover here, rather than being all coy about it. Telling everyone is the fastest way to get them fixed.
 
Yes I agree. Just reveal the exact exploit you found. This increases the urgency of fixing it. What you are doing now allows people to use the exploit in secrecy. If I found an exploit such as this, personally, I would shout it from the rooftops. THAT is what puts the pressure on for a fix, not being coy.

However, I disagree on one point with the post above. There shouldn't be a "trust" factor in multiplayer, it should be as cheat-proof as possible.
 
Blkbird said:
In case anyone thinks this is a hoax, or a misunderstanding on my side, I'm willing to deliver proof, but only to an admin of the Civilization Fnatics' Forum. Sorry, admins of other Civ related sites and forums, please refraim, as I'm but one man who doesn't want to deal with a whole army of you.
Click to expand...
Please PM the details to me, and I'll pass them on to Firaxis. :)
 
Goombaz said:
However, I disagree on one point with the post above. There shouldn't be a "trust" factor in multiplayer, it should be as cheat-proof as possible.
Click to expand...

That's fine with me, but "As cheat-proof as possible" is not very cheat-proof at all. Every PBEM computer game ever published has required that the players trust their opponents; it's hard to believe that Civ4 can/will be an exception.

Asking for a cheat-proof PBEM is like asking for a computer opponent that can beat skilled human players without a handicap. It would be great but it's just not going to happen.
 
ainwood said:
Please PM the details to me, and I'll pass them on to Firaxis. :)
Click to expand...

"ainwood has exceeded their stored private messages quota and can not accept further messages until they clear some space."

Duh!
 
Blkbird said:
I'm now waiting for people associated with the game's maker to contact me via forum PM. I assure my intensions are good, I'm not going to blackmail anyone in any way. :) I'm not even hunting for fame, as I absolutely wish to remain anonymous.
Click to expand...

You want to remain anonymous and yet you create a post that can't be ignored?!?

If you want to remain anonymous, post in the the "bug" forum only.

And, if it is possible to load a PBEM game as a single player and then use worldbuilder on it and load it back into the multiplayers file, then it is possible to have unlimited *anything* anyway.
 
Maybe we should set up a poll to see if the majority wants the flaw published immediately?

(And I repeat, there is no hacking involved in discovering the flaw, not even the WorldBuilder. It's discovered without any attempt (or even intent) to exploit the system.)
 
I forgot to mention the flaw is found in the 1.09 version of the game. I don't know if it's in the orifinal 1.0 version as well, but I do consider it very likely.
 
Blkbird said:
Dear fellow PBEM players,

Just now, an unbelievably huge flaw in Civ4's PBEM game has been coincidentially discovered by me. :wow: The advantage one can gain by exploiting it is so shocking that I'm reluctant to publish the details at this time, even though I'm usually an advoate of "full disclosure".

I'm naming this flaw the Infinite (Something) Bug, because it gives a player unlimited "something". What this "something" is, I won't say here (but of course I know it) - it will eventually be revealed sooner or later. And needless to say, this something is very much limited when the game is played in a normal way. In fact, the infinity of it renders the whole game meaningless.

I'd like to point out that I haven't, in any way, "hacked" the game. I discoved this flaw completely by chance during actual gameplay. No monitoring, tracing, disassembling, debuging or other kinds of analysis software (or hardware) was used, not even a hexeditor or the Windows Notepad for that matter. Only the game itself was necessary to find the flaw. In other words, every "computer idot" could make this discovery just like I did. I'd even say that chance if high this flaw has already been found by others, as it really is easy to run into.

I'm now waiting for people associated with the game's maker to contact me via forum PM. I assure my intensions are good, I'm not going to blackmail anyone in any way. :) I'm not even hunting for fame, as I absolutely wish to remain anonymous.

But please, do not spam me if you're not working for the game's maker (and no, journalists etc. don't count). If you do try, I garantee your message will be ignored.

In case anyone thinks this is a hoax, or a misunderstanding on my side, I'm willing to deliver proof, but only to an admin of the Civilization Fnatics' Forum. Sorry, admins of other Civ related sites and forums, please refraim, as I'm but one man who doesn't want to deal with a whole army of you.
Click to expand...
The best way to have something fixed is to divulge the bug publicly. That is the only way the programmers are going to do something about it.
If the bug is kept "secret" you can be sure that those who mean to cheat will find out, yet the programmers are going to do nothing about it because the public is not concerned
 
Milan's Warrior said:
The best way to have something fixed is to divulge the bug publicly. That is the only way the programmers are going to do something about it.
If the bug is kept "secret" you can be sure that those who mean to cheat will find out, yet the programmers are going to do nothing about it because the public is not concerned
Click to expand...

I'm not waiting indefinitely, that's for sure. Also I will reserve the option to go public and time. As I said, normally I'm a believer of "full disclosure", but that is regarding computer security issues, this one is not security-related.
 
DaviddesJ said:
That's fine with me, but "As cheat-proof as possible" is not very cheat-proof at all. Every PBEM computer game ever published has required that the players trust their opponents; it's hard to believe that Civ4 can/will be an exception.

Asking for a cheat-proof PBEM is like asking for a computer opponent that can beat skilled human players without a handicap. It would be great but it's just not going to happen.
Click to expand...

To the first paragraph, that's not correct.

To the second paragraph, tell that to Garry Kasparov.
 
phybre said:
To the first paragraph, that's not correct.
Click to expand...

OK, I've never seen or heard of any PBEM game where players send turns back and forth (like Civ4) and where it's not trivial to cheat. I guess you should tell us about the ones you've played.

phybre said:
To the second paragraph, tell that to Garry Kasparov.
Click to expand...

Chess is much easier for computers, and harder for people, than Civ4, so the cost to develop a strong player for games like Civ4, while unknown (since no one has ever come close), would be much greater than the cost for chess. And, even for chess, the total investment in the research that led to strong computer chess players is orders of magnitude greater than the total cost to develop Civ4. No one is going to spend hundreds of millions or billions of dollars just making a better Civ4 opponent, which wouldn't even help the game sell any better (most players who actually buy these games don't want strong opponents).
 
Blkbird said:
I'm now waiting for people associated with the game's maker to contact me via forum PM. I assure my intensions are good, I'm not going to blackmail anyone in any way. :) I'm not even hunting for fame, as I absolutely wish to remain anonymous.

But please, do not spam me if you're not working for the game's maker (and no, journalists etc. don't count). If you do try, I garantee your message will be ignored.

In case anyone thinks this is a hoax, or a misunderstanding on my side, I'm willing to deliver proof, but only to an admin of the Civilization Fnatics' Forum. Sorry, admins of other Civ related sites and forums, please refraim, as I'm but one man who doesn't want to deal with a whole army of you.
Click to expand...

So you think you're going to be some kind of VIP because you found a bug in the game? :hmm:
Why didn't you just email Firaxis about it?
 
i've found few major bugs, and i still posted here, while firaxis have fixed them for 1.09, (and even created a fix for one, and firaxis also used my fix for 1.09)

i dont see ur point, shouting
"i found a huge bug, but im not gonna tell u all, because i dont trust anyone"
 
far out, were talking about a bug in a computer game here arnt we? its not the very fabric of the universe will unravel if we find out what it is will it? If you dont want us to know what the bug is why post a subject header "GIGANTIC flaw discovered ..." to attract everyones attention.
 
You must log in or register to reply here.

Similar threads

S
Winning The Early Game - Losing The Late Game
Replies
9
Views
1K
konata_LS
konata_LS
N.Core
Whole new unit line idea: Sapper line
Replies
14
Views
1K
Tekamthi
Tekamthi
X
The Settlements - My own game in progress
Replies
10
Views
1K
XtroTheArctic
X
L
Looking for a game
Replies
9
Views
1K
Lzz
L
Lord Lakely
First Impressions: I kind of hate playing Millennia.
2
Replies
38
Views
3K
Lonecat Nekophrodite
Lonecat Nekophrodite
Top Bottom